summaryrefslogtreecommitdiffstats
path: root/files/examples/sets_and_maps
diff options
context:
space:
mode:
Diffstat (limited to 'files/examples/sets_and_maps')
-rwxr-xr-xfiles/examples/sets_and_maps53
1 files changed, 0 insertions, 53 deletions
diff --git a/files/examples/sets_and_maps b/files/examples/sets_and_maps
deleted file mode 100755
index 58369a31..00000000
--- a/files/examples/sets_and_maps
+++ /dev/null
@@ -1,53 +0,0 @@
-#! /sbin/nft -nf
-#
-# Examples of set and map usage
-#
-
-# symbolic anonymous set definition built from symbolic singleton definitions
-define int_if1 = eth0
-define int_if2 = eth1
-define int_ifs = { $int_if1, $int_if2 }
-
-define ext_if1 = eth2
-define ext_if2 = eth3
-define ext_ifs = { $ext_if1, $ext_if2 }
-
-# recursive symbolic anonymous set definition
-define local_ifs = { $int_ifs, $ext_ifs }
-
-# symbolic anonymous set definition
-define tcp_ports = { ssh, domain, https, 123-125 }
-
-delete table filter
-table filter {
- # named set of type iface_index
- set local_ifs {
- type iface_index
- }
-
- # named map of type iface_index : ipv4_addr
- map nat_map {
- type iface_index : ipv4_addr
- }
-
- map jump_map {
- type iface_index : verdict
- }
-
- chain input_1 { counter; }
- chain input_2 { counter; }
- chain input {
- type filter hook input priority 0
-
- # symbolic anonymous sets
- meta iif $local_ifs tcp dport $tcp_ports counter
-
- # literal anonymous set
- meta iif { eth0, eth1 } counter
-
- meta iif @local_ifs counter
- meta iif vmap @jump_map
-
- #meta iif vmap { eth0 : jump input1, eth1 : jump input2 }
- }
-}